4f0afb62a9fdbb29421dd965640fbe4de1af3ac1206b2165fb3d54fffc1a95a5

General

Target

ExplorerBlurMica by VIN STAR.zip
Size

109KB
Sample

240629-ngb94szarn
MD5

d5ed3990c539fcbadb86a4b740b57e68
SHA1

f48a4755accd7d87bfe742d9111c1c7d2ecac28d
SHA256

4f0afb62a9fdbb29421dd965640fbe4de1af3ac1206b2165fb3d54fffc1a95a5
SHA512

8a211555be77efdeeeee6b45ab384d45a680e9a3978967dc8bffde72f25313ba4d07cb898876b393d9ede6073899996b490e3bb96f3cb0de8e241d037852f622
SSDEEP

3072:MAO2RJcJmzn1DdPtq0ZpA78t+9CobJZkI5H/eWYxoTw:MAODYzVdDDTglbMg42w

Score

8^/10

Malware Config

Targets

- Target
  
  ExplorerBlurMica/Release/ExplorerBlurMica.dll
- Size
  
  214KB
- MD5
  
  6bbdd800a32fdbca2385e95214dcd4d3
- SHA1
  
  93ef5e833904f2a7a2f2fea64671394f6b31c3ae
- SHA256
  
  9d6f554604111405e48f7fdf0eba972bdde5e0a275d2e7dd66240681ea595344
- SHA512
  
  bdc0558007ae526c7b3fb89d3ef013ca95393336b3d7d52e4b0f20a7e556852d72be3e15e031a5c6d357d1ab04b4faaa137a0ad228d52046b9f65879fc254515
- SSDEEP
  
  6144:ySjaVUOYSlu6vaDcUB4Sv75o7Dr1LrYGf:dUUOa4ho5o7DB
Score

7^/10

adware persistence privilege_escalation stealer
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1
- Target
  
  ExplorerBlurMica/Release/register.cmd
- Size
  
  247B
- MD5
  
  e513f1f7f4eb1851973b281b0595f117
- SHA1
  
  381e79bc136b3297cef997cc4df34538a1688b20
- SHA256
  
  41f3089fb799635a8aa0ed059d491ca78f143f0f111a9b52a00c168eca9507ac
- SHA512
  
  6d5d11592d871c52de76a30a9470b3933cd4e4531a7b77c73758fbe9269ac4635926d78d9f5178e26f5e25c4a0318e6cf0145a8c06affafcd626720a88abc27a
Score

7^/10

adware persistence privilege_escalation stealer
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral2
- Target
  
  ExplorerBlurMica/Release/uninstall.cmd
- Size
  
  297B
- MD5
  
  d84e8b5fe4e5854bf299ed20f004264c
- SHA1
  
  2ebabb73ef9af06c33ba1c8ce933ac83ef74f4be
- SHA256
  
  ef3dc2f1b06d6268e658120376a0be63e22ad2bf51a216c4fe6575fc0adcaba3
- SHA512
  
  b64e825a31fc1a1b9da740cb73f5cf4fc6c3ecae2b4163aa7a7c4d3afeca98c5543a48dcdfb75dc3bcbaced2699b3d4741f7fc0f3ece26d63630a3f1595f8b8a
Score

8^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Tasks

Sharing

General

Malware Config

Targets

Event Triggered Execution: Component Object Model Hijacking

Installs/modifies Browser Helper Object

Drops file in System32 directory

Event Triggered Execution: Component Object Model Hijacking

Installs/modifies Browser Helper Object

Boot or Logon Autostart Execution: Active Setup

Enumerates connected drives

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3